Detecting EnemyBot – Securonix Initial Coverage Advisory
released on 2022-04-08 @ 11:11:16 AM
Researchers have identified EnemyBot, a brand new Linux-based botnet. At first glance and by analyzing the initial infection, it appears to cover a wide range of devices and platforms. The initial infection was identified making a drive-by attempt to /shell at a web server with an interesting payload attached to the “value” string.